From 10:00 CET Friday 22nd November we will adjust how the server works to deal with some recently reported problems. Therefore there may be a load problem, if you experience more problems than usual trying to access the forum then please PM AndyS or any of the moderators so they can inform me.


crash at QThead::wait



  • I have a crash at QThread::wait. Here is the stack trace:

    FAULTING_IP: 
    Qt5Cored!isRecursive+22 [c:\users\qt\work\qt\qtbase\src\corelib\thread\qmutex.cpp @ 65]
    00007ffa`7e5b4372 0fb600          movzx   eax,byte ptr [rax]
    
    EXCEPTION_RECORD:  (.exr -1)
    ExceptionAddress: 00007ffa7e5b4372 (Qt5Cored!isRecursive+0x0000000000000022)
       ExceptionCode: c0000005 (Access violation)
      ExceptionFlags: 00000000
    NumberParameters: 2
       Parameter[0]: 0000000000000000
       Parameter[1]: ffffffffffffffff
    Attempt to read from address ffffffffffffffff
    
    DEFAULT_BUCKET_ID:  INVALID_POINTER_READ
    
    PROCESS_NAME:  CortexService.exe
    
    FOLLOWUP_IP: 
    Qt5Cored!isRecursive+22 [c:\users\qt\work\qt\qtbase\src\corelib\thread\qmutex.cpp @ 65]
    00007ffa`7e5b4372 0fb600          movzx   eax,byte ptr [rax]
    
    READ_ADDRESS:  ffffffffffffffff 
    
    ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
    
    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
    
    EXCEPTION_CODE_STR:  c0000005
    
    EXCEPTION_PARAMETER1:  0000000000000000
    
    EXCEPTION_PARAMETER2:  ffffffffffffffff
    
    WATSON_BKT_PROCSTAMP:  5cecc322
    
    WATSON_BKT_MODULE:  Qt5Cored.dll
    
    WATSON_BKT_MODSTAMP:  5c0513ac
    
    WATSON_BKT_MODOFFSET:  f4372
    
    WATSON_BKT_MODVER:  5.12.0.0
    
    MODULE_VER_PRODUCT:  Qt5
    
    BUILD_VERSION_STRING:  17134.1.amd64fre.rs4_release.180410-1804
    
    ANALYSIS_SESSION_HOST:  DESKTOP-ICB5G90
    
    ANALYSIS_SESSION_TIME:  05-29-2019 16:02:39.0827
    
    ANALYSIS_VERSION: 10.0.18869.1002 amd64fre
    
    THREAD_ATTRIBUTES: 
    BUGCHECK_STR:  APPLICATION_FAULT_INVALID_POINTER_READ
    
    PRIMARY_PROBLEM_CLASS:  APPLICATION_FAULT
    
    PROBLEM_CLASSES: 
    
        ID:     [0n313]
        Type:   [@ACCESS_VIOLATION]
        Class:  Addendum
        Scope:  BUCKET_ID
        Name:   Omit
        Data:   Omit
        PID:    [Unspecified]
        TID:    [0x29f8]
        Frame:  [0] : Qt5Cored!isRecursive
    
        ID:     [0n285]
        Type:   [INVALID_POINTER_READ]
        Class:  Primary
        Scope:  DEFAULT_BUCKET_ID (Failure Bucket ID prefix)
                BUCKET_ID
        Name:   Add
        Data:   Omit
        PID:    [Unspecified]
        TID:    [0x29f8]
        Frame:  [0] : Qt5Cored!isRecursive
    
    LAST_CONTROL_TRANSFER:  from 00007ffa7e5b3e4b to 00007ffa7e5b4372
    
    STACK_TEXT:  
    000000ac`53ffb800 00007ffa`7e5b3e4b : dddddddd`dddddddd 000000ac`53ffb840 00000000`00000000 000002a4`cea17080 : Qt5Cored!isRecursive+0x22
    000000ac`53ffb820 00007ffa`7e5ab81c : 000002a4`cea1f520 000002a4`cea1f520 000002a4`00000000 00000000`0000041c : Qt5Cored!QMutex::lock+0x2b
    000000ac`53ffb860 00007ff7`5cc0231f : 000002a4`cea16f90 00007ff7`ffffffff 00000000`00000003 00000000`00000000 : Qt5Cored!QThread::wait+0x14c
    000000ac`53ffb8e0 00007ff7`5ca73e5e : 000000ac`53cff7c8 00007ff7`5d9f5448 000002a4`000000ad 00007ff7`5d9f53b0 : CortexService!Cortex::API::CortexConnectionManager::stop+0x18f
    000000ac`53ffb9c0 00007ff7`5ca74a25 : 000000ac`53cff618 00007ff7`00000000 00000104`00000000 00000000`00000000 : CortexService!CortexService::stop+0xce
    000000ac`53ffba80 00007ff7`5ca8ecdc : 000000ac`53cff618 00000000`00000000 00000000`00000000 00000000`00000000 : CortexService!CortexService::signalStopService+0x15
    000000ac`53ffbab0 00007ff7`5ca8e9a7 : 00007ff7`5ca74a10 000000ac`53cff618 000002a4`cea8dd80 00000000`00000000 : CortexService!QtPrivate::FunctorCall<QtPrivate::IndexesList<>,QtPrivate::List<>,void,void (__cdecl CortexService::*)(void) __ptr64>::call+0x1c
    000000ac`53ffbaf0 00007ff7`5ca8ee4e : 00007ff7`5ca74a10 000000ac`53cff618 000002a4`cea8dd80 00000000`00000000 : CortexService!QtPrivate::FunctionPointer<void (__cdecl CortexService::*)(void) __ptr64>::call<QtPrivate::List<>,void>+0x27
    000000ac`53ffbb20 00007ffa`7e995ec8 : 00000000`00000001 000002a4`ce424b90 000000ac`53cff618 000002a4`cea8dd80 : CortexService!QtPrivate::QSlotObject<void (__cdecl CortexService::*)(void) __ptr64,QtPrivate::List<>,void>::impl+0x8e
    000000ac`53ffbb70 00007ffa`7e9dd2e6 : 000002a4`ce424b90 000000ac`53cff618 000002a4`cea8dd80 000000ac`53cff618 : Qt5Cored!QtPrivate::QSlotObjectBase::call+0x38
    000000ac`53ffbbb0 00007ffa`7e9d5c3f : 000002a4`ce47e930 000000ac`53cff618 000000ac`53cff5e8 00007ffa`00000003 : Qt5Cored!QMetaCallEvent::placeMetaCall+0x36
    000000ac`53ffbbf0 00007ffa`7e97dc0e : 000000ac`53cff618 000002a4`ce47e930 000000ac`53cff620 000000ac`53ffbec8 : Qt5Cored!QObject::event+0x12f
    000000ac`53ffbe60 00007ffa`7e97f478 : 000000ac`53cff618 000002a4`ce47e930 000002a4`00000000 00007ffa`7e57ba74 : Qt5Cored!QCoreApplicationPrivate::notify_helper+0x9e
    000000ac`53ffbea0 00007ffa`7e97b1e1 : 000000ac`53cff618 000002a4`ce47e930 ffffffff`fffffffe 000000ac`53ffbf90 : Qt5Cored!doNotify+0x78
    000000ac`53ffbf00 00007ffa`7e97cc56 : 000000ac`53cff5e8 000000ac`53cff618 000002a4`ce47e930 00007ffa`7e5aa4d3 : Qt5Cored!QCoreApplication::notify+0x31
    000000ac`53ffbf30 00007ffa`7e97a992 : 000000ac`53cff618 000002a4`ce47e930 00007ffa`7f1d0c30 00007ffa`00000000 : Qt5Cored!QCoreApplication::notifyInternal2+0x116
    000000ac`53ffbfb0 00007ffa`7e97e60d : 000000ac`53cff618 000002a4`ce47e930 00007ffa`00000000 000002a4`ce2b25b0 : Qt5Cored!QCoreApplication::sendEvent+0x42
    000000ac`53ffbfe0 00007ffa`7ea3fa8a : 00000000`00000000 00007ffa`00000000 000002a4`ce2b25b0 00007ffa`7e989312 : Qt5Cored!QCoreApplicationPrivate::sendPostedEvents+0x47d
    000000ac`53ffc0f0 00007ffa`7ea3d878 : 000002a4`ce4e0ee0 00000000`00000000 000000ac`53ffc169 000000ac`53ffc1b0 : Qt5Cored!QEventDispatcherWin32::sendPostedEvents+0x2a
    000000ac`53ffc130 00007ffa`d1396d41 : 00000000`0017002e 00000000`00000401 00000000`00000000 00000000`00000000 : Qt5Cored!qt_internal_proc+0x668
    000000ac`53ffc2b0 00007ffa`d1396713 : 000002a4`ce4829a0 00007ffa`7e4d622a 00000000`0017002e 00007ffa`00000401 : user32!UserCallWinProcCheckWow+0x2c1
    000000ac`53ffc440 00007ffa`7ea3e168 : 000000ac`53ffc538 000000ac`00000000 000000ac`53ffc538 00000000`00000000 : user32!DispatchMessageWorker+0x1c3
    000000ac`53ffc4d0 00007ffa`7e976e83 : 000002a4`ce4e0ee0 00007ffa`00000024 000002a4`ce497a84 000002a4`ce497a10 : Qt5Cored!QEventDispatcherWin32::processEvents+0x558
    000000ac`53fff660 00007ffa`7e9770be : 000000ac`53fff798 000000ac`00000024 000000ac`00000020 000000ac`53fff700 : Qt5Cored!QEventLoop::processEvents+0x63
    000000ac`53fff6a0 00007ffa`7e5a741f : 000000ac`53fff798 00000000`00000000 000002a4`ce2b25e8 00007ffa`7e572673 : Qt5Cored!QEventLoop::exec+0x18e
    000000ac`53fff750 00007ffa`7e5a7353 : 000000ac`53cffac8 000000ac`53cffac8 000002a4`ce445800 000000ac`53fff7f8 : Qt5Cored!QThread::exec+0xbf
    000000ac`53fff7c0 00007ffa`7e5abc6b : 000000ac`53cffac8 000002a4`ce48e500 00000000`00000000 00000000`00000000 : Qt5Cored!QThread::run+0x13
    000000ac`53fff7f0 00007ffa`cf844034 : 000000ac`53cffac8 00000000`00000000 00000000`00000000 00000000`00000000 : Qt5Cored!QThreadPrivate::start+0x15b
    000000ac`53fff870 00007ffa`d1c13691 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0x14
    000000ac`53fff8a0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x21
    
    
    THREAD_SHA1_HASH_MOD_FUNC:  5699dc89771ce62f48e0bcfbe264dc112cabad54
    
    THREAD_SHA1_HASH_MOD_FUNC_OFFSET:  1838f892077d904247f98c259bb8f09a59fe89b3
    
    THREAD_SHA1_HASH_MOD:  200f99b5f5d9d4abf8a087e3194d96dace7c8b2c
    
    FAULT_INSTR_CODE:  4800b60f
    
    FAULTING_SOURCE_LINE:  c:\users\qt\work\qt\qtbase\src\corelib\thread\qmutex.cpp
    
    FAULTING_SOURCE_FILE:  c:\users\qt\work\qt\qtbase\src\corelib\thread\qmutex.cpp
    
    FAULTING_SOURCE_LINE_NUMBER:  65
    
    FAULTING_SOURCE_CODE:  
        61: #ifdef QT_LINUX_FUTEX
        62:     Q_ASSERT(d->recursive);
        63:     return true;
        64: #else
    >   65:     return d->recursive;
        66: #endif
        67: }
        68: 
        69: class QRecursiveMutexPrivate : public QMutexData
        70: {
    
    
    SYMBOL_STACK_INDEX:  0
    
    SYMBOL_NAME:  Qt5Cored!isRecursive+22
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: Qt5Cored
    
    IMAGE_NAME:  Qt5Cored.dll
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  5c0513ac
    
    STACK_COMMAND:  ~9s ; .ecxr ; kb
    
    FAILURE_BUCKET_ID:  INVALID_POINTER_READ_c0000005_Qt5Cored.dll!isRecursive
    
    BUCKET_ID:  APPLICATION_FAULT_INVALID_POINTER_READ_Qt5Cored!isRecursive+22
    
    FAILURE_EXCEPTION_CODE:  c0000005
    
    FAILURE_IMAGE_NAME:  Qt5Cored.dll
    
    BUCKET_ID_IMAGE_STR:  Qt5Cored.dll
    
    FAILURE_MODULE_NAME:  Qt5Cored
    
    BUCKET_ID_MODULE_STR:  Qt5Cored
    
    FAILURE_FUNCTION_NAME:  isRecursive
    
    BUCKET_ID_FUNCTION_STR:  isRecursive
    
    BUCKET_ID_OFFSET:  22
    
    BUCKET_ID_MODTIMEDATESTAMP:  5c0513ac
    
    BUCKET_ID_MODCHECKSUM:  0
    
    BUCKET_ID_MODVER_STR:  5.12.0.0
    
    BUCKET_ID_PREFIX_STR:  APPLICATION_FAULT_INVALID_POINTER_READ_
    
    FAILURE_PROBLEM_CLASS:  APPLICATION_FAULT
    
    FAILURE_SYMBOL_NAME:  Qt5Cored.dll!isRecursive
    
    TARGET_TIME:  2019-05-29T02:21:32.000Z
    
    OSBUILD:  17134
    
    OSSERVICEPACK:  753
    
    SERVICEPACK_NUMBER: 0
    
    OS_REVISION: 0
    
    SUITE_MASK:  256
    
    PRODUCT_TYPE:  1
    
    OSPLATFORM_TYPE:  x64
    
    OSNAME:  Windows 10
    
    OSEDITION:  Windows 10 WinNt SingleUserTS
    
    OS_LOCALE:  
    
    USER_LCID:  0
    
    OSBUILD_TIMESTAMP:  unknown_date
    
    BUILDDATESTAMP_STR:  180410-1804
    
    BUILDLAB_STR:  rs4_release
    
    BUILDOSVER_STR:  10.0.17134.1.amd64fre.rs4_release.180410-1804
    
    ANALYSIS_SESSION_ELAPSED_TIME:  ef6
    
    ANALYSIS_SOURCE:  UM
    
    FAILURE_ID_HASH_STRING:  um:invalid_pointer_read_c0000005_qt5cored.dll!isrecursive
    
    FAILURE_ID_HASH:  {f1f28c3e-fce7-9e49-1a65-1afc1afc6bbb}
    
    Followup:     MachineOwner
    ---------
    

    Can anyone have any idea why it can crash on QThead::wait? Is that a Qt issue or my mistake to use QThread?
    My application source is quite large and cannot be shared, so please understand that I cannot share source code here.
    The crash happens sometimes. Even I cannot reproduce the crash on my machine.


  • Moderators

    hi @thamht4190 and welcome

    from what I can see,

    I would say you try to access your Thread instance, when its already deleted. Since it doesn't happen each time and behaves differently on different PC.

    I would say you have a race condition on hand.



  • Thanks very much. I will continue my investigation on your diagnose.



  • ExceptionAddress: 00007ffa7e5b4372 (Qt5Cored!isRecursive+0x0000000000000022)
    ExceptionCode: c0000005 (Access violation)
    /////
    Hi,
    Is there access to unauthorized memory in a loop?



  • @A.A.SEZEN Uhm, I think @J-Hilk is right: sometimes my Thread instance has been destroyed. I have fixed by using checking null before calling it, I don't see the crash anymore.


Log in to reply